Certbot insists on installing apt's Nginx over my custom-built one

So here’s a full description of the problem and solution for people finding this thread in the future.

Disclaimer: I’m definitely not an expert and this is a hack-y solution so definitely look over this whole thread. I’m just detailing my steps so others can see something that worked.

If anyone sees something dangerous or dumb that I did in here, please comment and I’ll correct it.

This is on Debian 10.3.

I have a custom-built Nginx installed and working on port 80, but of course I want to install Certbot and get an SSL certificate. I use

sudo apt install certbot python-certbot-nginx


The following NEW packages will be installed:
  certbot nginx python-certbot-nginx python3-certbot-nginx

I don’t want apt to install nginx over the one I’ve already got working.

What’s working for me now is creating a fake nginx .deb and installing it so that apt doesn’t overwrite mine. This fake package was created using the method described on this page, and I’ll describe specifically what I did here.

First of all, I needed the equivs package:

sudo apt install equivs

I then created a temporary ~/fakepackages directory and entered it (doesn’t matter where you put this; I didn’t create mine in temp because I want to keep what’s in there). Then to get started I used:

equivs-control nginx

This created a template file named nginx which I then edited by un-commenting some lines and editing some values. The active/relevant lines in my file look like this:

Section: misc
Priority: optional
Standards-Version: 3.9.2

Package: nginx
Version: 1:99
Maintainer: Myself <notarealemail@example.com>
Architecture: all
Description: A fake package that doesn't really install nginx.

Note: The version number above means “epoch 1, verson 99.” The idea is to install a version number way above anything the nginx package is likely to reach any time soon.

I saved the file and then ran:

equivs-build nginx

This built the file nginx_99_all.deb in my case. I then ran:

sudo apt install ./nginx_99_all.deb

Which produced some warnings but seems to have installed my fake Nginx package just fine. I also separately tried:

sudo dpkg -i nginx_99_all.deb

which produced some warnings about being “unable to delete old directory” on some of the configuration and log directories of my custom Nginx installation. They both seemed to do what I inteded but obviously you don’t need to run both of those commands.

Now when I run

sudo apt install certbot python-certbot-nginx

I get the response:

The following NEW packages will be installed:
  certbot python-certbot-nginx python3-certbot-nginx

Excellent! It’s not installing nginx over my custom build. After installing Cerbot, I run

sudo nginx -V

and see the custom configuration parameters from when I built Nginx, confirming that this is still my custom-built version.